Microsoft Pulls Back on Cryptome Takedown Request over Leaked Document

Microsoft withdrew its request to take down Cryptome.org after the site posted a document detailing Microsoft's user-data retention policies. Microsoft had originally argued that the posting of the "Microsoft Online Services Global Criminal Compliance Handbook" constituted copyright violation, and Cryptome's service provider took the site down temporarily. The document details how Microsoft stores data such as IP addresses and registration information for sites like Hotmail, MSN Groups, Xbox Live and Windows Live Messenger.

Microsoft withdrew its request to have Cryptome.org, a site that posts
leaked documents from corporations and governments, taken down after it
published an internal document detailing which of its users' online data
Microsoft was willing to share with law enforcement under certain
circumstances.

Soon after Cryptome posted the document on Feb. 20, Microsoft responded with a
copyright infringement claim under the Digital Millennium Copyright Act (DMCA),
which in turn led Cryptome host Network Solutions to take down the site on
Feb.24. News of the DMCA takedown quickly spread, and other sites quickly began
posting the documents, which may have compelled Microsoft to rescind its legal
maneuver.
"While Microsoft has a good faith belief that the distribution of the
file that was made available ... infringes Microsoft's copyrights, it was not
Microsoft's intention that the takedown request result in the disablement of
Web access to the entire cryptome.org Website," Evan Cox, outside counsel
to Microsoft, wrote in a Feb. 25 e-mail to Network Solutions administrators.
"Accordingly, on behalf of Microsoft, I am hereby withdrawing the takedown
request."

Microsoft reiterated that position in an e-mail to eWEEK on Feb. 26.

"Like all service providers, Microsoft must respond to lawful requests
from law enforcement agencies to provide information related to criminal
investigations," a Microsoft spokesperson wrote. "We take our
responsibility to protect our customers' privacy very seriously, so have
specific guidelines that we use when responding to law enforcement
requests."

In the case of Cryptome, the spokesperson continued, "we did not ask that
this site be taken down, only that Microsoft copyrighted content be removed. We
are requesting to have the site restored and are no longer seeking the
document's removal."

The document in question, along with the e-mail correspondence related to
Microsoft's takedown request, can be found here.

As more and more consumers port their information onto cloud-based services,
there has been an accompanying rise in privacy concerns. On Feb. 16, the Electronic
Privacy Information
Center filed a complaint with the
Federal Trade Commission charging that Google Buzz, a micro-blogging site
connected to Gmail that has the potential to make user data unintentionally
public, violates consumer protection. Cryptome has posted documents from other
tech companies, including Yahoo, that detail their handling and storage of
online user information.

Nicholas Kolakowski is a staff editor at eWEEK, covering Microsoft and other companies in the enterprise space, as well as evolving technology such as tablet PCs. His work has appeared in The Washington Post, Playboy, WebMD, AARP the Magazine, AutoWeek, Washington City Paper, Trader Monthly, and Private Air. He lives in Brooklyn, New York.